Machine-checked ZKP for NP-relations: Formally Verified Security Proofs and Implementations of MPC-in-the-Head

TL;DR

This paper presents the first machine-checked implementation of the MPC-in-the-Head framework for zero-knowledge proofs, including formal security proofs and verified implementations, leveraging EasyCrypt for formalization and code extraction.

Contribution

It provides a formalized, modular EasyCrypt implementation of MPC-in-the-Head with verified security and correctness, along with a verified executable implementation.

Findings

Secure, correct ZK protocol proved in EasyCrypt

Benchmark results indicate overhead of formalization and code extraction

First machine-checked implementation of MPC-in-the-Head framework

Abstract

MPC-in-the-Head (MitH) is a general framework that allows constructing efficient Zero Knowledge protocols for general NP-relations from secure multiparty computation (MPC) protocols. In this paper we give the first machine-checked implementation of this transformation. We begin with an EasyCrypt formalization of MitH that preserves the modular structure of MitH and can be instantiated with arbitrary MPC protocols that satisfy standard notions of security, which allows us to leverage an existing machine-checked secret-sharing-based MPC protocol development. The resulting concrete ZK protocol is proved secure and correct in EasyCrypt. Using a recently developed code extraction mechanism for EasyCrypt we synthesize a formally verified implementation of the protocol, which we benchmark to get an indication of the overhead associated with our formalization choices and code extraction mechanism.